PCIDSS

The Payment Card Industry Data Security Standard (PCIDSS) is a worldwide standard that was setup to help business process card payments securely & reduce card fraud.

What is PCIDSS?

From large corporations to small Internet stores, compliance with the PCI Data Security Standard (PCIDSS) is essential for all merchants who accept credit or debit card payments. The size of your business depends on your compliance requirements such as how many transactions you process per annum, the type of transactions such as phone or web, and if you need to store credit or debit card data.

Cyprium is fully PCIDSS compliant and our payment gateway is certified as PCIDSS Level 1 compliant. This is the highest level of PCIDSS compliancy. The platform includes a range of fraud management services to help secure online & phone payments reducing your exposure to fraud. The payment gateway is used by large institutions including government sectors, blue chips & a wide range of business sectors giving you peace of mind that your company’s transactions are secure.

The majority of payment solutions provided by Cyprium are designed to take your company out of scope of PCIDSS compliancy. However, even if your company is out of scope of PCIDSS using Cyprium products, we recommend you are aware of the following information regardless.

Why is PCI DSS Compliance Important?

PCI DSS complaint means you are keeping your customers valuable information safe and secure and out of the reach of people who could use the data in a fraudulent way. Not storing card data reduces the risk that your customers will be affected by fraud. If you don’t need to store card data then don’t. If you suffer a data breach and you are not PCI DSS compliant you could incur Card Scheme fines for the loss of this data and may be liable for the fraud losses incurred against these cards and the operational costs associated with replacing the accounts. Unfortunately data breaches occur regularly and e-commerce sites are a very frequent target from hackers who often successfully compromise e-commerce sites. It is imperative for you to ensure that you have implemented all of the relevant controls in PCIDSS. You are responsible for looking after your customer’s card data, regardless who processes the data on your behalf.